Overview

Affected versions of this package are vulnerable to Arbitrary Code Execution.
An attacker with Overall/Read permission could provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.

Remediation

Upgrade org.jenkins-ci.plugins:script-security to version 1.51 or higher.